search

passkeydeveloper / passkeys.dev

source for the passkeys.dev developer site
https://passkeys.dev
Other
162 stars 48 forks source link

Chrome to sync passkeys on Google Password Manager between desktop and Android #398

Open danopia opened 12 hours ago

danopia commented 12 hours ago

Issue title comes from the related blog post: https://developer.chrome.com/blog/passkeys-gpm-desktop

Issue with existing content

Link to content

https://passkeys.dev/device-support/

What is the issue?

I believe the support matrix needs at least a little updating based on this new functionality.

I understand that Chrome Desktop is gaining access to synced Google Password Manager (GPM) passkeys. This seems to be 'by default' when the user's Google Account contains an Android device.

Confusingly for me, the current Matrix section is broken out based on the operating system. The linked article instead contains a support matrix based on the synced keychain product. So it displays "iCloud Keychain" and "Google Password Manager" with different support for each OS. Technically it's more like Chrome can (excluding iOS/iPad) now sync passkeys independent of the OS keychain. (I don't see Microsoft's keychain mentioned)

Meanwhile, ChromeOS only has one browser available so, similar to Android, GPM is effectively the OS keychain. ChromeOS GPM is currently "in beta" and I've just verified the basic functionality myself.

Proposed changes

  1. Represent Chrome as having separate "Synced Passkeys" support for each of macOS, Ubuntu, and Windows
  2. Update "Chrome OS / Synced Passkeys" to an In Beta status + footnote
  3. Consider if it's worth representing Synced Passkey support individually for each mainstream cloud keychain

Any other notes

I haven't managed to find the Chrome release note for this change, so I don't know the Chrome version which adds GPM.

timcappalli commented 12 hours ago

passkeys.dev is targeted towards developers, not a general audience, so the DSM is intended to only cover the default experiences on each device, not additional providers that get installed (GPM via Chrome would be considered an additional provider). As a developer, the most important thing to know is that a user can be successful with passkeys on the device.

That being said, we do plan to update some of the more advanced references docs in the next few weeks to talk about some of these ecosystem changes, so thank you for opening this up.

danopia commented 11 hours ago

That's a fair point against my first proposed change of macOS, Ubuntu, and Windows. Frankly I already feel that web feature support is already down browser lines anyway, so knowing that a user could have success with synced Passkeys if they're using Chrome is a strong step to me. But given the current table layout I can yield this and look forward to the further docs :)

I'd still argue in favor of my second proposed change. Due to ChromeOS's de facto browser lock-in to Chrome, this development is clearly what "Planned" refers to under "Chrome OS / Synced Passkeys". Assuming it leaves beta just fine, developers could reasonably expect ChromeOS users to have success with passkeys. So far ChromeOS has been limited to Cross-Device Authentication (and browser extensions).